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System and method for managing networks addressed via 
common network addresses. The system and method facili- 
tate proper routing and processing of network packets within 
a network data processing environment. The system and 
method include and involve a router that has an interface for 
communicating a network packet. The network packet 
inclu des a network addre ss. The interface has a unique 
in terface identifier relative to the router . Hie router is 
configured to map_the_netwoik_addiess_ and the unique 
in terface iden tifier to a uni que network address and to 
re place the network address in the network packet wi th the 
uni que network -address. The system and method also 
include and involve a management system that is coupled to 
the router. The management system is configured to receive 
the network packet from the route r, to map the unique 
n etwork address in the network packet to a custome r and/or 
iisaj£jjr.ntififir,.arK | l t n rrocff"* ihft mtw n r k parlmt and data 
contained therein based on the customer/usage identifier. 

37 Claims, 6 Drawing Sheets 



102 




06/05/2003, EAST Version: 1.03.0002 



U.S. Patent Jan. 16, 2001 Sheet 1 of 6 



US 6,175,867 Bl 



102 




FIG.1 



06/05/2003, 



EAST Version: 1.03.0002 



I 



U.S. Patent Jan. 16, 2001 Sheet 2 of 6 



US 6,175,867 Bl 



DATA TO AND FROM PRIVATE NETWORKS VIA ROUTERS 



202 



PROCESSOR 



DATASTORAGE 
SUBSYSTEM 



206 



JL 



204 



I/O 



V 



102 



FIG. 2 



DATA TO AND FROM PRIVATE NETWORKS & 
DATA TO AND FROM MANAGEMENT SYSTEM 



i 



302 



PROCESSOR 



304 



PORT 
I/O 



DATA STORAGE 
SUBSYSTEM 



306 



V 



104,112 



FIG. 3 



06/05/2003, EAST Version: 1.03.0002 



U.S. Patent Jan. 16,2001 Sheet 3 of 6 US 6,175,867 Bl 



f START V 



S4-1 



RECEIVE PACKET CONTAINING A NETWORK ADDRESS 
FROM A PRIVATE NETWORK ELEMENT 



S4-2 



I 



IDENTIFY INTERFACE-ADDRESS (E.g., PORT NO.) FROM 
WHICH THE PACKET WAS RECEIVED 



S4-3 



I 



CREATE TUPLE RECORD CQNn^lNINGJJETWORK 
~~ ADDRESS-ANDJNTE8FACE.N.UJMBER 



y 



i 



TRANSLATE TUPLE RECORD (NET. ADDR, INTERFACE NO.) 
INTJD_AJJMQUE,NETi«ORK.ADDRESS 



V 



S4-4 



S4-5 



1 



PLACE UNIQUE-NETWORK ADDRESS INTO PACKET AND 
FORWARD fjD-MANAGEMENTSYSTEM FOR PROCESSING 



y 



S4-6 



I 



S4-7 



FIG. 4 



06/05/2003, EAST Version: 1.03.0002 



U.S. Patent Jan. 16, 2001 Sheet 4 of 6 



US 6,175,867 Bl 



f START Y 

_ZEZ 



S5-1 



RECEIVE PACKET CONTAINING A UNIQUE 
NETWORK ADDRESS 



V 



S5-2 



I 



>S5-3 



USING LOOKUP TABLE, CONVERT UNIQUE NETWORK 
ADDRESSJNTO. ANADDRESSING-TUPLE 

(CUSTOMER ID, NETWORK ADDR) 



I 



S5-4 



PROCESS PACKET-AND DATA CONTAINED THEREIN 
BASED_0N CUSTOMER/USAGE-PARAMETERS IN 
ACCORDANCE WITH CUSTOMER ID. 



V 



I 



S5-5 



FIG. 5 



C START Y 



S6-1 



>S6-2 



FORMAT PACKET FOR TRANSMISSION TO 
PRIVATE NETWORK 



I 



S6-3 



S6-4 



TRANSLATE (USING LOOKUP TABLE) ADDRESS TUPLE 
(CUSTOMER ID, NETWORK ADDR) INTO A UNIQUE 
NETWORK ADDRESS 



I 



V 



PLACE UNIQUE NETWORK ADDRESS IN PACKET 
HEADER AND FORWARD PACKET TO ROUTER 



I 



S6-5 



FIG. 6 



06/05/2003, EAST Version: 1.03.0002 



U.S. Patent Jan. 16, 2001 Sheet 5 of 6 US 6,175,867 Bl 



{ START V 



S7-1 



RECEIVE PACKET FROM MAN AGEMENT SY STEM 



yS7-2 



TRANSLATE UNIQUE NETWORK ADDRESS IN PACKET 
HEADER INTO A ROUTING TUPLE (INTERFACE NO., 
NETWORK ADDRESS) USING ROUTER'S LOOKUP 
TABLE/STRUCTURE 



yS7-3 



I 



PLACE NETWORK ADDRESS IN PACKET HEADER AND 
FORWARD PACKET ON INTERFACE (E.g., PORT) NUMBER 
TO NETWORK ELEMENT AND PRIVATE NETWORK 



yS7-4 



( END J 



FIG. 7 



06/05/2003, EAST Version: 1.03.0002 



U.S. Patent Jan. 16, 2001 Sheet 6 of 6 US 6,175,867 Bl 



( START jf 



S8-1 



ESTABLISH UNIQUE NETWORK ADDRESS TO 
CORRESPOND TO A NETWORK ADDRESS 
(E.g.. DUPLICATE IP ADDRESS) 



yS8-2 



I 



STORE UNIQUE NETWORK ADDRESS RELATIVE TO 
NETWORK ADDRESS IN MANAGEMENT SYSTEM 



- fS8-3 



I 



SEND UNIQUE NETWORK ADDRESS TO ROUTER SYSTEM 



yS0-4 



I 



STORE UNIQUE NETWORK ADDRESS RELATIVE TO 
NETWORK ADDRESS IN ROUTER SYSTEM 



c~™~y S8 ' 6 



FIG. 8 



CUSTOMER ID, NETWORK ADDR 



UNIQUE NETWORK ADDR 



V 



902 



FIG. 9A 



UNIQUE NETWORK ADDR 



,904 



INTERFACE NO., NET. ADDR 



FIG. 9B 



06/05/2003, EAST Version: 1.03.0002 



us 6,r 

1 

SYSTEM AND METHOD FOR MANAGING 
NETWORKS ADDRESSED VIA COMMON 
NETWORK ADDRESSES 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

Hie present invention relates to systems and methods that 
are used to manage networks that are addressed with com- 
mon network addresses. 

2. Description of the Related Art 

With the increase in popularity of the Internet, the wide- 
spread deployment of intranets, and the growing use of 
Internet protocol (IP) based network technologies, many 
corporations and enterprises have established private net- 
works which have become diflGcult and costly to manage 
effectively. Often, such private networks require deployment 
of large resource pools to service user populations, work 
forces that are highly skilled in resource management 
operations, and extensive physical facilities. As such, many 
enterprises have elected to outsource the management of 
their networks to third-party service providers. Although 
outsourcing has enabled enterprises to efficiently and effec- 
tively manage their private networks, service providers now 
face significant problems in managing such networks on 
behalf of their customers. For example, service providers 
now face having to manage two or more networks which 
may use common network addresses for internal network 
addressing and processing. 

The problems associated with managing networks which 
are addressed by common network addresses are com- 
pounded when enterprises use IP technologies. For example, 
it is well known that there are not enough publicly addres- 
sable IP addresses to serve the needs of all who seek to 
utilize IP technologies. Accordingly, enterprises often must 
use network addresses in ranges that are approved by the 
Internet Engineering Task Force (IETF) in standard RFC 
1918. The RFC 1918 standard provides the following net- 
work address ranges for private IP-based networks: 

10.0.0.0 to 10.255.255.255 

172.16.0.0 to 172.31.255.255 

192.168.0.0 to 192.168.255.255 

Although the above-listed network address ranges have 
allowed enterprises to adopt corresponding address blocks 
for internal use, it remains possible for two enterprises to 
select, adopt, and use one or more of the same network 
address. Since such a situation would result in two or more 
enterprises being addressable via a common IP address, 
service providers face a serious challenge in servicing more 
than one enterprise. In particular, service providers face 
deployment of separate resource farms (e.g., separate 
routers, computing systems, peripherals, etc.) if they desire 
to service two or more customers with common IP 
addresses. The costs associated with deploying such 
resources can outweigh the profits realized from managing 
a network on behalf of a customer. Such problems can lead 
to lost sales for service providers and a lack of network 
management options for enterprises who seek reliable net- 
work management services without being required to re-map 
or re-address their resources. 

Thus, there exists a need to provide systems and methods 
for managing networks which may be addressed with com- 
monly selected network addresses. To be viable such sys- 
tems and methods must be capable of mapping otherwise 
common or duplicated network addresses into unique 
addresses which a management system may use in routing 
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and processing corresponding network packets and data on 
behalf of a customer. 

SUMMARY OF THE INVENTION 

5 The present invention addresses the limitations and prob- 
lems associated with the related art by providing systems 
and methods that enable commonly used network addr esses 
t o properly address network resources within a network data 
processing environment. The systems and methods provided 

10 by the present invention map network addresses into unique 
ne twork addresses so that network resource addressi ng is 
p roperly performe d. Unique network addresses may be 
b ased on router assignments relative to a particular -pri vate 
ne twork. As such, two or more enterprises that internall y use 

15 co mmon network addresses can now have -th eir networks 
man aged by a common management entity without requir- 
in g employment of additional network resources or 
re-a ^dressing.of network reso urces. 

2Q Accordingly, the present invention provides a system for 
routing and pr ocessing a network packet within a netwo rk 
d ata processing environmen t. 1 tte system includes a router 
haying an interface for communicating a network packet th at 
inclu3es_a-Jietwork addr ess. The interface has a unique 

25 i nterface identifier relative to the router . Tlie router is 
con figured to map the network address and the un ique 
in terface identifier, to a unique network address and to 
rep lace the network address in the network packet with the 
u nique network addre ss. The system also includes a man- 

30 agement system that is coupled to the router. The manage- 
ment system is configured to receive the network packet 
from the router, to^ap*\he urnqu&jjej^QrJLaddb^^ 
net work packet _to_a_u sag e identifier , and to process the 
network pa cket and_da ta_co ntained therein ba secLon the 

35 usa ge identifi er 

According to another aspect of the present invention, 
provided is a router for routing a network packet within a 
network data processing environment. The router includes 
an interface for communicating a network packet. The 
network packet includes a n etwork add ress. The interface 
has a unique inte rfac e identifier relative to the router. The 
router also includes an address mapping system for mapping 
the ne twork address_a ad the, unique interface identifier to a 
unique network ad dress, and for replacing the network 

45 address~~~in the network packet with the unique network 
address. s TEe router is configured to route the network packet 
within the network data processing environment based on 
the unique network address. 
According to another aspect of the present invention, 

50 provided is a method for processing a network packet 
received from a network data processing environment. The 
method includes a step of receiving a network packet 
containin g a unique network addres s. Trie unique network 
address is based on a network address corresponding to a 

55 net work element within the network data p rocessing envi- 
ronment. A nother step involves map ping the unique network 
address into a usage identifie r corresponding to a network 
resouTctTaddressable within the network data processing 
environment. An additional step involves processing the 

60 network packet based on usage parameters corresponding to 
the usage identifier 

According to another aspect of the present invention, 
provided is a method for routing a network packet within a 
network data processing environment. The method includes 

65 a step of formatting a network packet for transmission to a 
network element. The network packet includes a usage 
identifier and a network address corresponding to the usage 
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identifier. The method further includes the steps of mapping operational aspects. Unless otherwise indicated, like parts 

the usage identifier and the network address into a unique and processes are referred to with like reference numerals, 
network address, inserting the unique network address into 

the network packet, and routing the network packet to the Structural Aspects of the Present Invention 

network element based on the unique network address via 5 Referring now to FIG. 1, depicted therein is a block 

the network data processing environment. diagram of a network data processing system. Within the 

According to a another aspect of the present invention, network data processing system shown in FIG, 1, commonly 

provided is a method for routing and processing a network used network addresses (e.g., IP addresses used by two or 

packet within a network data processing environment. The more enterprises to address network resources, etc.) may be 

method includes a step of transmitting a network packet 10 used to address network resources managed by a common 

within the network data processing environment. The net- management system. Accordingly, network data processing 

work packet includes a network address. The method further system 100 includes a management system 102, routers 104 

includes the steps of receiving the network packet, mapping and 112 having respective network interface ports 106, 114, 

the network address to a unique network address, replacing and 122 private networks 108, 116, and 120 and users within 

the network address in the network packet with the unique 15 respective user communities 110, 118, and 124. Hie arrange - 

network address, sending the network address within the m ent of structures and parties within system 100 will be 

network data processing environment based on the unique immediately understood by those skilled in the art. It should 

network address, receiving the network packet, mapping the be understood that system 100 includes structures which 

unique network address in the network packet to a usage incorporate Internet Protocol (IP) based technologies which 

identifier, and processing the network packet and data con- 20 will be readily understood by those skilled in the art. 

tained therein based on the usage identifier. Management system 102 includes a typical arrangement 

_ ^ _ of computing and network resources such as processors, 

BRIEF DESCRIPTION OF THE DRAWINGS peripherals, and data storage systems which, according to 

The present invention is described in detail below with ^ the present invention, will allow private networks which 

reference to the following drawing figures of which: utilize common IP addresses to be addressed and serviced 

™^ i * u.i i a' f A n * n appropriately. Routers 104 and 112 are typical network 

FIG. 1 is a block diagram of a network data processing . * n 4 . c . A . rTcrn ™ D 

64 r & routers similar or like those manufactured by CISCO COR- 

syslem; e PORATION (e.g., the CISCO 7000 IP Router). In accor- 

FIG. 2 is a block diagram of the management system daflce ^ me present ^^0^ a router ^ 104 

illustrated in FIG. 1; 30 ^ ^ will be configured to process and route packet data 

FIG. 3 is a block diagram of a network router like the mat include commonly used IP addresses. Private networks 

routers illustrated in FIG. 1; 108, 116, and 120 are typical network data processing 

FIG. 4 is a flow chart that illustrates the operations carried systems and environments which may be operated by an 

out by a router in receiving packet data from a private 3S enterprise and which include a collection of one or more 

network element according to a preferred embodiment of the processors, peripherals, data storage systems, etc. The users 

present invention; within user communities 110, 118, and 124 are outfitted with 

FIG. 5 is a flow chart that illustrates the operations carried data processing terminals (e.g., terminals, personal comput- 

out by a management system in receiving packet data from ing systems, etc.) in typical fashion, 

a router according to a preferred embodiment of the present ^ The interconnections and couplings of the structures 

invention; within system 100 will be readily understood by those 

FIG. 6 is a flow chart that illustrates the operations carried skilled in the art. For example, routers 104 and 112 may be 

out by a management system in sending packet data to a coupled to management system 102 via IP links, 

router for further forwarding according to a preferred In system 100, private network 108 and private network 

embodiment of the present invention; 45 116, for example, possess network address blocks that have 

FIG. 7 is a flow chart that illustrates the operations carried been independently set tpjndu^a^^ 

out by a router in sending packet data to a private network 10.100.100.10. For purposes of discussion and lUustrauon, 

element according to a preferred embodiment of the present however, only one IP address* mentioned below Despite 

invention- the fact that private network 108_a nd private network 116 are 

' . .„ , . . , t 0 addressed and/or allo w addressin g_wjtb the same (Le., 

FIG.8isaflowchartthatmust^^ OTmmon) rp^dr^^ 

out by a management system in establishing ,a network to ^ data a ppropria tely for each private net - 

address relationship according to a preferred embodiment of ^S^j^cm. AccdrdinglyTi fa user from user co m- 

the present invention; mggSTlOktendsJDjranwriit a packcLcojitamingJhe IP 

FIG. 9A is a table diagram of a lookup table used by a 55 aSlress^!^ to m 

management system according to preferred embodiment of elecTfomcmail item ) to anothe m ser in that c ommunity. that 

the present invention; and pack et will be a p propriately processed bv__jnana gement 

FIG. 9B is a table diagram of a lookup table used by a syst em 102 and delivered to the^rec i pient user in user 

router according to a preferred embodiment of the present co mmunity 110. Such functionaHt vjiyiJLb e^acfaievedj egard- 

invention. 60 le ss of whether a user in usec community 118 transmits a 

packet containing the IP address 10.100.100.10. 

PREFERRhD bMBOUlMblN 1^ m ent company (e.g., a service provider) who operates and 

The present invention is now discussed in detail with maintains m anagement syste m 102 and the resources thereof 

regard to the drawing figures that were briefly described 65 to service many private networks f or customers who may, by 

above. A discussion of the structural aspects of the present happenstance, posses and utilize common network or IP 

invention is followed by a discussion of corresponding addresses. As such, a management company need not have 



06/05/2003, EAST Version: 1.03.0002 



US 6,175,867 Bl 

5 6 

to create individual resource farms to service multiple store addressing data used by routers 104 and 112 to route 

customers. Instead, a management company can now use packet data to and from management system 102. A suitable 

and share computing and network resources to service one router system that may be implemented for routers 104 and 

or more customers thereby creating economies of scale and 112 in system 100 (FIG. 1) is the CISCO 7000 router 

the like. 5 (mentioned above). 

It should be understood that management system 102 is Data in the form of TCP/IP or IP packets are sent to and 

configured to act as a service provider's network or collec- from (and communicated through) routers 104 and 112 to 

tion of network resources that are maintained and operated private networks 108, 116, and 120 and management system 

to service user communities associated with private net- 102, respectively. The flow of packet data through routers 

works such as private networks 108 and 116. Private net- 10 104 and 112 will be immediately understood by those skilled 

works 108 and 116 may bethought of as networks which are in the art. Exemplary operations of management system 102, 

either-located^withi n a particul ar enter prise or w KLch are routers 104 and 112 are described in detail below with regard 

"facilit ies manage d" by the entitylhat operates and main- to FIGS. 4-8. 
tains management system 102. Of course, any other place- 

ment or arrangement that may be implemented as a private is Operational Aspects of the Present Invention 

network may be incorporated into the present invention. The The structures depicted in FIGS. 1-3 are configured to 

present invention now allows two or more networks that operate together to route and process network packets and 

utilize a common or duplicated network address to have data contained therein in a network data processing envi- 

network management options which have heretofore not ronment where private networks (and enterprises) have 

been realized. 20 adopted and are using a common network address such as a 

It also should be noted that although system 100 is shown common or duplicated IP address. The requisite and salient 
to include only one management system, two routers, and operations to bring about such functionality are illustrated in 
three private networks, the present invention is not so FIGS. 4-8. More particularly, the operations depicted in 
limited. To the contrary, the present invention will support FIGS. 4-8 are, in many respects, intended to be carried out 
any number of management systems, routers, and private 25 via execution of appropriate computer software. Such corn- 
networks that are interconnected to service corresponding puter software and, in particular, the programming con- 
private computing environments. structs necessary to bring about such operations and results 

And, it should also be noted that while the present will be readily apparent to those skilled in the art after 

invention will support commonly used address such as those 3Q reviewing and understanding the operations illustrated in 

used by private networks 108 and 116, the present invention FIGS. 4-8. 

also will support network addresses which may be otherwise Referring now to FIG. 4, depicted therein is a flow chart 

considered as unique addresses (i.e., until the same are that illustrates the operations carried out by a router (e.g., 

selected by another enterprise to be managed and/or serviced routers 104 and 112) in receiving packet data from a private 

by management system 102) such as those addresses which 35 network element according to a preferred embodiment of the 

are used within private network 120. For purposes of brevity, present invention. For example, such packet data may 

however, private network 120 and any addressing that include an electronic mail item from one user in a private 

normally transpires therein will not be further addressed network's user community to another user, 

below. Processing starts as Step S4-1 and immediately proceeds 

Referring now to FIG. 2, depicted there is a block diagram ^ to Step S4-2. At Step S4-2, router 104 or router 112 will 

of management system 102 as originally illustrated in FIG. receive an IP packet containing a network address (e.g., 

1. Management system 102 includes one or more processors 10.100.100.10) from a private network element (e.g., a mail 

202, a network I/O unit 204, and a data storage subsystem server computer system, etc.). 

206 which are coupled together in typical fashion. A suitable Next, a t Step S4-3, router 104 or router 112 will identify 

computing and network system that may be incorporated 45 the port interface address or identifier (e.g., a physical or 

into system 100 (FIG. 1) is a SUN SPARC 1000 data logical port number, etc.) from which the aforementioned IP 

processing system which is manufactured and marketed by packet was received. Thereafter, at Step S4-4, systems 

SUN MICRO SYSTEMS, INC. or a system of similar or like within a router will create a addressing tuple (an ordered set 

functionality. of data of fixed size) containing a mapping pair including the 

Data in the form of TCP/IP or IP packets are sent to and 50 network address and the interface address. Such a record 

from management system 102 via routers 104 and 112 in will be stored in a data storage subsystem (e.g., a memory 

conventional ways. Such packet data is communicated unit, etc.) of either router 104, or router 112. 

through network I/O unit (ports) 204 and processed by Next, at Step S4-5, the aforementioned address pair 

processor 202 in conjunction with data stored and to be ("network address, interface address") will be translated or 

stored in and retrieved from data storage subsystem 206. A 55 mapped into a unique network address. The mapped unique 

discussion of the types and nature of the data stored and network address may take any form such a string of digits 

retrieved in data storage subsystem 206 is found below in which may or may not look lie a typical 32-bit IP address, 

regard to FIGS. 9A and 9B. The operation of management For example, the mapped unique network address may look 

system 102 is described in detail below with regard to FIGS. like "UA1938476" in the case of a non-IP formatted address 

4-8. 60 or "999.34.12.127" in the case of a IP-look-alike address). 

Referring to FIG. 3, depicted therein is a block diagram of Alternatively, the mapped unique network address may be 

a network router similar or like routers 104 and 112 as formed by concatenating the network address (e.g., a com- 

originally illustrated in FIG. 1. Routers 104 and 112 each monly used network address) with a physical interface port 

include a processor 302, a port I/O interface unit 304 which number to produce a router-port unique network address, 

allows packet and data I/O on one or more interface ports 65 The exact nature and make-up of the mapped unique address 

(e.g., ports 196, 114, and 122 as shown in FIG. 1), and a data which is formatted for a router may depend on the address 

storage subsystem 306 which may be used to temporarily alteration abilities of the particular router that is chosen and 
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the particular design requirements that are established in the 
particular system that incorporates the present invention's 
addressing schemes. In any case, if a particular network 
protocol is reliant on IP formatted packets, the mapped 
unique address will likely have to be formatted as an IP 
address regardless, however, of the value of such an IP-look- 
alike address (e.g., a mapped unique address that is selected 
from an otherwise public use range, etc). 

The unique network address stored within the router will 
be supplied to the router from management system 102 
which is charged with the responsibility of establishing and 
creating unique network addresses and provisioning the 
same to router storage facilities for appropriate mapping and 
network routing processes. The establishment of unique 
addresses is discussed below in regard to the flow chart 
illustrated in FIG. 8. 

In any case, at Step S4-6, the mapped unique network 
address is placed into the packet header and forwarded or 
routed to management system 102 for appropriate receipt 
and processing. It should be understood that there is no 
alteration of the data contained in a network packet (also 
referred to as the "payload" of the network packet). The 
present invention and the operations just described merely 
adjust network packet headers by substituting network 
addresses. 

Processing ends at Step S4-7. 

Referring now to FIG. 5, depicted therein is a flow chart 
that illustrates the operations carried out by a management 
system (e.g., management system 102) in receiving packet 
data from a router according to a preferred embodiment of 
the present invention. 

Processing starts at Step S5-1 and immediately proceeds 
to Step S5-2. At Step S5-2, management system 102 will 
receive a packet from a router (as indicated in the flow chart 
of FIG. 4). The received packet will contain a unique 
network address as described above. 

Next, at Step S5-3, management system 102 will convert 
the unique network address into an addressing tuple 
("customer/usage identifier, network address"). Such a con- 
version will involve a database query or lookup operation 
relative to an appropriate table having at least two fields 
corresponding to the network address as formatted for a 
router system and the customer/usage identifier, respec- 
tively. The customer/usage identifier will identify the private 
network that is to be serviced and, possibly, the nature and 
type of computing operation to be carried out on behalf of 
a particular network customer, etc. The creation and main- 
tenance of a lookup table to achieve such functionality will 
be readily apparent to those skilled in the art. 

Next, at Step S5-4, management system 102 will process 
the packet and data contained therein in accordance with 
customer parameters corresponding to the customer/usage 
identifier that also corresponds to the network address. For 
example, if the data contained in the packet represents an 
electronic mail item to be distributed among users within a 
particular user community, management system 102 will 
process accordingly. 

Processing ends at Step S5-5. 

Referring now to FIG. 6, depicted therein is a flow chart 
that illustrates the operations carried out by a management 
system (e.g., management system) in sending packet data to 
a router for further forwarding according to a preferred 
embodiment of the present invention. 

Processing starts at Step S6-1 and immediately proceeds 
to Step S6-2. At Step S6-2, management system 102 formats 
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packet and data for submission to a private network (e.g., 
private network 108). 

Next, at Step S6-3, management system 102 will translate 
(using a lookup table) an address tuple as described above 
5 (i.e., "customer/usage identifier, network address) into a 
unique network address. 

Thereafter, at Step S6-4, management system 102 will 
place the unique network address into the packet and for- 
ward the same to a router for further routing and forwarding 
10 to a particular private network and, ultimately, to a user 
thereof. 

Processing ends at Step S6-5. 

Referring now to FIG. 7, depicted therein is a flow chart 

1S that illustrates the operations carried out by a router in 
sending packet data to a private network element according 
to a preferred embodiment of the present invention. 

Processing starts at Step S7-1 and immediately proceeds 
to Step S7-2. At Step S7-2, a router (e.g., router 104) will 

20 receive a packet from management system 102 as described 
above in regard to FIG. 6. 

Next, at Step S7-3, the processor in the router will 
translate the unique network address in the packet header 
into a routing tuple record including an interface number 

25 (e.g., port number, etc.) and a network address (e.g., a 
commonly used network address). Such a translation can be 
accomplished using some form of lookup structure that may 
be stored in a memory device, etc. 

Thereafter, at Step S7-4, the processor in the router will 

30 place the network address in the packet header and forward 
the same via the port having the aforementioned interface 
number to the network element within the appropriate 
private network. 

35 Processing ends at Step S7-5. 

Referring now to FIG. 8, depicted therein a flow chart that 
illustrates the operations carried out by management system 
102 in establishing a network address relationship according 
to a preferred embodiment of the present invention. Such a 
network address relationship will allow private networks 
sharing a "common" or duplicated network address to be 
managed by a common management system without requir- 
ing such a management system to deploy separate sets of 
resources. In other words, the establishment of unique 

45 addresses within the present invention will allow a manage- 
ment system to efficiently and cost effectively share 
resources to service several private networks and customers. 
For example, management system 102 could operate and 
maintain a mail server system which will properly route 

50 electronic mail items (and network packets corresponding to 
such electronic mail items) to user populations that inter- 
nally address network resources with a common or dupli- 
cated network (e.g., IP) address. 

Processing starts at Step S8-1 and immediately proceeds 

55 to Step S8-2. At Step S8-2, management system 102 will 
establish a unique network address to correspond to a 
network address which appears to be a common or dupli- 
cated address (e.g., a new customer identifies a network 
address that is used internally and which is already known 

50 to management system 102 to be an address corresponding 
to another customer). The commonly used address may be in 
the form of a commonly used IP address. 

The establishment of a unique network address and the 
nature of the unique network address may vary depending of 

65 particular design parameters. Preferably, however, a unique 
network address is established and assigned to correspond to 
a particular (e.g., a duplicated or commonly used network 



06/05/2003, EAST Version: 1.03.0002 



US 6,175,867 Bl 

9 10 

address) network address by selecting the same from a pool etc.) to a customer/usage identifier. Once mapped, a 

of known unique network addresses. Selecting such an customer/usage identifier will allow management system 

address can be as simple as taking a next-assignable address 102 to process a packet containing the same based on 

from an address pool, incrementing an address counter, etc. parameters established for the particular customer or 

Such techniques for assigning network addresses will be 5 intended use of management system 102. The actual data 

readily understood by those skilled in the art. The nature and s,r " ctures "> «*nevably store the aforementioned data 

format of the assigned unique network address may be that values may vary depending on the implementation dettibof 

of anlPaddressoTof any ottier address format that is chosen • P 4 *™ 1 " "Tj^J^ ,^JK£„I", £ 

. A ^. , , . 3 . , . . structures used to retrievably store the aforementioned data 

to sua particular design requirements and network protocols * jsk 

In tact, me present mventionwm even aUow the assignment 10 * ^ appropriate system routines^ 

of what would otherwise appear to be publicly assignable IP J . 7 t * *• * \ 

' TT . iL vv . * u T . ^ . and functions (e.g., database managemeat routines, etc.) 

addresses; this is the case because the unique network . .... : 6 ' . * , .,, .J 

V, 7 * . . j * -j * which will be immediately apparent to those skilled in the 

address that is assigned > never manifested outsrie of a ^ ^ JJ*^ ^ ^ ^ tQ ^ 

management system or routers that are coupled thereto/Trns » ^ shown m ^ ^ ^ ^ 

fact is especially important in the operation ot network 15 „ 7 c . A . , 4 , 

^ j F ^ ^ f querying, mapping, and the like. 

computing environments where gateway systems are imple- ^ . M J il *r . , , . . . , 

mented to route network traffic. A . Refcmn S «^ to ™- 9B depicted therein is a table 

, diagram of a lookup table used by a router according to a 

In any case, the unique network addresses which are prcfcrrcd cmbodimeilt of the present invention. In particular, 

internal to and which are established and provisioned by ^ ^ ^ e d tQ retrievably 

management system 102 ^^^^f^J^^^ 20 store at least two data values. Such data values relate to a 

outside of die range stipulated by IETF standard RFC 1918 n ^ Q± ^ described abovej md to a tuple 

(see above). containing "interface number, network address." The data 

Next, at Step S8-3, management system 102 will store the shown m table diagram 804 will allow a router such as 
unique address relative to a network address (e.g., the routers 104 and 112 (as described above) to map or translate 
otherwise commonly used network address) in a data storage an address pair ("interface address, network address") into a 
system. For example, management system 102 may store the unique network address that, ultimately, may be used within 
aforementioned addressing data in a lookup table as management system 102 to process packets and data con- 
described above. tained therein for a particular customer. The actual data 

Next, at Step S8-4, management system 102 will send the 3Q structures used to retrievably store the aforementioned data 

unique address to one or more router systems. And, at Step values may vary depending on the implementation details of 

S8-5, such router system(s) will store the unique network a particular router system. For example, the data structures 

address relative to the network address in a data storage used to retrievably store the aforementioned data values may 

system (e.g., on a disk drive, in a memory unit, etc.). include lookup tables stored in a memory unit of a router and 

Accordingly, Steps S8-4 and S8-5 illustrate the provisioning 35 may be managed by appropriate system routines and func- 

of management information base (MIB) data maintained by tions which will be immediately apparent to those skilled in 

management system 102 to router(s) which are coupled to a the art. Preferably, the data structures that are chosen to 

particular customer network. retrievably store the data values shown in table diagram 902 

Processing ends at Step S8-6 will allow for fast querying, mapping, and the like. 

The flow charts in FIGS. 4-8 illustrate the salient steps 40 Thus, having fully described the present invention by way 

that are carried out to route packets among private networks of example with reference to the attached drawing figures, it 

that have adopted and are using network addresses (e.g., will be readily appreciated that many changes and modifi- 

commonly used, private IP addresses). Those steps are able cations may be made to the invention and to any of the 

to achieve proper routing through use of paired data objects exemplary embodiments shown and/or described herein 

which allow address mappings to occur. Such paired data 45 without departing from the spirit or scope of the invention 

objects may be stored in a variety of memory and data which is defined in the appended claims, 

storage systems found within management system 102 and What is claimed is: 

routers 104 and 112. More particularly, such paired data 1. A system for monitoring and controlling at least one 

objects may be maintained by database management sys- network among a plurality of networks within a network 

terns and/or by system routines that manage volatile data 50 data processing environment, comprising: 

objects within random access memories. In any case, the a router having an interface for communicating a network 

structure of such paired data objects that will allow the packet, said network packet including a network 

above-described steps to be carried out to enable two or address, said interface having a unique interface ideo- 

more private networks to possess and used common, private tifier relative to said router, said router being configured 

IP addresses and to be serviced by a common management 55 to map said network address and said unique interface 

system 102, are illustrated in FIGS. 9A and 9B. identifier to a unique network address and to replace 

Referring now to FIG. 9A, depicted therein is a table said network address in said network packet with said 

diagram of a lookup table used by management system 102 unique network address; and 

according to preferred embodiment of the present invention. a management system coupled to said router and config- 

In particular, table diagram 902 includes storage capacity to 60 ured to receive said network packet from said router, to 

retrievably store at least two data values. Such data values map said unique network address in said network 

relate to a tuple containing "customer/usage identifier, net- packet to a usage identifier, and to process said network 

work address" and to a unique network address. Data stored packet and data contained therein based on said usage 

in a table corresponding to table diagram 902 will allow identifier, wherein said usage identifier identifies a 

management system 102 (as noted above) to map a unique 65 private network to be managed by said management 

network address (e.g., a private IP address that tjas been system and said unique address is internal to said 

concatenated to a physical port number of a particular router, management system. 
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2. The system according to claim 1, wherein said router mapping said said network address into a unique network 
includes a data storage system and processor coupled to said address; 

data storage system, said processor configured to map said mapping said unique network address to a usage identifier 
network address and said unique interface identifier to a by means of a management system, said unique net- 
unique network address and to replace said network address 5 work address being internal to said management sys- 
in said network packet with said unique network address. tern; 

3. The system according to claim 1, wherein said man- inserting said unique network address into said network 
agement system includes a data storage system and a pro- packet; and 

cessor coupled to said data storage system, said processor routing said network packet to said network element 

configured to map said unique network address in said 1Q on s ^ unique network address via said network 

network packet to a customer identifier and to process said processing environment 

network packet based on said customer identifier. yj j\ lc me thod according to claim 16, wherein said 

4. The system according to claim 1, wherein said network network address is formatted as an IP address. 

packet is formatted as an IP packet 18 memo d according to claim 16, wherein said 

5. The system according to claim 1, wherein said network networ k pac k e t is formatted as an IP packet. 

address is an IP address. 19. The method according to claim 16, wherein said 

6. The system according to claim 1 wherein said interface ^ ste a ^ of p^fa^ a lookup 
identifier is a port number corresponding to a port serviced ^ ^ ^ ^ ^ network 

^eTysYem according to claim 1, wherein said unique ad ^J° determine said ^unique network ^address, 

network address is formatted as an IP address that is 20 20 ™ e memod accordang to claim 16, wherein said 

meaningful within said management system. ™¥» network address is formatted as an IP address. 

8. The system according to claim 1, wherein said usage 21. Asystem for managing a plurality of private networks, 
identifier corresponds to an entity serviced by said manage- comprising: 

ment system. a plurality of routers, each of said plurality of routers 

9. The system according to claim 1, wherein said router 2S communicating with a private network; 

maps said network address and said unique interface iden- eacn G f said plurality of routers having an interface with 
tifier to said unique network address based on corresponding a un ique interface identifier for communicating a net- 
entries in a router map table managed by said router. vrotk packet having a network address, each of said 

10. The system according to claim 1, wherein said man- routers further including means to translate said net- 
agement system maps said unique network address in said 3Q ymtk a^ress to a unique network address; 
network packet to said usage identifier based on correspond- a management S y St em communicating with each of said 
ing entries in an address map table managed by said man- plurality of routers and configured to receive network 
agement system. packets from each of said plurality of routers, to map 

11. A method for managing a plurality of networks, ^ unique ner work address in said network packet to 
comprising the steps of: 35 a identifier, and to process said network packet 

receiving a network packet containing a unique network and data con tained therein based on said usage 

address from a network data processing environment, identifier, wherein said usage identifier identifies a 

said unique network address based on a network private network, among said plurality of private 

address corresponding to a network element within said networks, to be managed by said management system, 

network data processing environment; 40 and wherein said unique network is internal to said 

mapping said unique network address into a usage iden- management system, 

tifier by means of a management system, said usage 22. The system of claim 21, wherein each of said plurality 

identifier corresponding to a network resource addres- 0 f routers includes a data storage system and processor 

sable within said network data processing environment, coupled to said data storage system, said processor config- 

wherein said unique network address is internal to said 45 U red to map said network address and said unique interface 

management system; and identifier to a unique network address and to replace said 

processing said network packet based on usage param- network address in said network packet with said network 

eters corresponding to said usage identifier. address. 

12. The method according to claim 11, wherein said 23. The system of claim 21, wherein said management 
network packet is formatted as an IP packet. 50 system includes a data storage system and a processor 

13. The method according to claim 11, wherein said coupled to said data storage system, said processor config- 
network address is an IP address. ured to map said unique network address in said network 

14. The method according to claim 11, wherein said packet to a customer identifier and to process said network 
processing step further includes a step of performing a packet based on said customer identifier. 

particular data processing activity based on data contained 55 24. The system of claim 21, wherein said network packet 

within said network packet. is formatted as an IP packet. 

15. The method according to claim 11, wherein said 25. The system of claim 21, wherein said network address 
mapping step further includes a step of performing a lookup is an IP address. 

function based on said unique nerwork address to determine 26. The system of claim 21, wherein said interface iden- 

said usage identifier. 60 tifier is a port number corresponding to a port serviced by 

16. A method for managing a plurality of networks within each of said routers. 

a network data processing environment, comprising the 27. The system of claim 21, wherein said unique network 

steps of: address is formatted as an IP address that is meaningful 

formatting a nerwork packet for transmission to a network within said management system, 

element, said network packet including a usage iden- 65 28. The system of claim 21, wherein said usage identifier 

tifier and a network address corresponding to said corresponds to an entity serviced by said management 

usage identifier; system. 
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29. The system of claim 21, wherein each of said routers 
map said network address and said unique interface identi- 
fier to said unique network address based on corresponding 
entries in a router map table managed by said router. 

30. The system of claim 21, wherein said management 5 
system maps said unique network address in said network 
packet to said usage identifier based on corresponding 
entries in an address map table managed by said manage- 
ment system. 

31 . A system for managing a plurality of private networks, 10 
comprising: 

at least one router in communication with each of said 
private networks, said router having an interface with a 
unique interface identifier for communicating a net- 
work packet having a network address, and said router 
including an address translation means for translating a 
network address into a unique internal network address; 

a management system communicating with said router 
includes means to map said unique internal network 
address to a usage identifier, and to process said net- 
work packet and data contained therein based on said 
usage identifier, wherein said usage identifier identifies 
a private network among said plurality of private 
network. 

32. The method according to claim 19, wherein said 
network address is formatted as an IP address. 

33. A method for managing a plurality of networks within 
a network data processing environment, comprising the 
steps of: 



15 



20 
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(a) routing information from each of said plurality of 
private networks to management system by means of 
each of a plurality of routers, each of said plurality of 
routers further comprising 

(I) an interface with a unique interface identifier for 
communicating a network packet having a network 
address; and 

(ii) a means to translate said network address to a 
unique internal address; 

(b) mapping said unique internal network address in said 
network packet, by said management system to a usage 
identifier to process said network packet and data 
contained therein based on said usage identifier, said 
usage identifier identifying a private network among 
said plurality of private networks being managed by 
said management system. 

34. The method according to claim 33, wherein said 
network address is formatted as an IP address. 

35. The method according to claim 33, wherein said 
unique network address is formatted as an IP address. 

36. The method according to claim 33, wherein said 
storing steps respectively store said unique network address 
relative to said network address in respective Lookup tables 
within said management system and said router. 

37. The method according to claim 33, wherein said 
establishing step further comprises a step of selecting said 
unique network address from a pool of unique network 
addresses. 
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